A data breach at the University of Kentucky has exposed the personal information of hundreds of thousands of students and staff. An annual cybersecurity inspection uncovered the breach, which was caused by a vulnerability in a server associated with the university’s College of Education database.  News source WDRB reported that more than 355,000 email addresses were exposed in the security incident, with victims located across the world.  “The database is part of a free resource program known as the Digital…

An intelligence analyst who illegally obtained classified US government documents on drone warfare and leaked them to a journalist has been sentenced to prison. Daniel Everette Hale met the reporter in April 2013 while attending an event in a bookstore in Washington DC.  In 2014, while working as a cleared defense contractor at the National Geospatial-Intelligence Agency (NGA), Hale printed six classified documents, all of which were later published by a news outlet. Hale later printed 36…

This is the third in a series of blogs on the Cybersecurity EO, and I encourage you to read those you may have missed. (Part 1, Part 2). Between the initial publication of the Executive Order (EO) for Improving the Nation’s Cybersecurity on May 12 and late July, a flurry of activity by departments and agencies continues to occur on how best to understand and address potential security gaps. Once identified, these analyses will facilitate…

Now patched by Amazon, security vulnerabilities found by Check Point would have given attackers access to a Kindle device and its stored data. Image: Amazon Amazon Kindle owners could have exposed themselves to a remote control attack simply by opening the wrong e-book. In a report published on Friday, cybersecurity provider Check Point said that it discovered security holes in the Kindle that would have helped a cybercriminal take full control of the device, potentially…

Spam as a share of global mail traffic rose, and attackers have started to adapt their scams to other languages to reach wider audiences. Image: Vladimir Obradovic, Getty Images/iStockphoto Despite a rise in global spam numbers, adoption of new languages by phishing attackers, new scam types and a shift in the most commonly impersonated business type to phish people, Kaspersky’s Q2 2021 quarterly spam report is described by its authors as “not delivering any surprises.” …

The scam messages try to convince you to enter your Social Security number and other personal info at a website masquerading as your state’s workforce agency. Image: iStock/Melpomenem Scammers are now targeting people who have filed for unemployment insurance through a phishing campaign designed to capture sensitive information. In a warning posted on Wednesday, the FTC warned of a new series of deceptive text messages and emails that lead you to websites spoofing your state’s…